Using ProtectNetwork to test your SP

ProtectNetwork offer an open-access IdP within the UK federation that can be used to test your SP's deployment. Your SP must already be registered in the UK federation, and you will need to sign up for a free End User Account to take advantage of ProtectNetwork's IdP. Using ProtectNetwork to test your SP without registering it in the UK federation is outside the scope of this document.

Please note that the ProtectNetworkIdP has no SAML1 Attribute Authority, and so cannot be used to test the back-channel attribute queries from your SP.

Check your email inbox for an automatically-generated registration email and follow the instructions in that email.

You should now have a ProtectNetwork End User Account.

Testing your SP

Attempt to log into your SP using federated access.

At the Discovery Service Page, select ProtectNetwork.

Log in with your ProtectNetwork credentials.

You will be able to view the credentials received by your SP in your SP's logs. If this does not work, you can check what credentials are being passed by ProtectNetwork (sign in to your ProtectNetwork End User Account and view the "visited sites" section). You can also test that the ProtectNetwork credentials are being passed correctly by using the UK federation's test SP in step 1 (above).

If you want to test your SP by releasing additional attributes you will need an Administrator Account, which is available on a 30-day free trial. Registering and setting up the account to release additional attributes is a multi-step process which may take several working days to fully authorise and set-up:

you will need to provide a business case for both registering the account and for releasing the additional attributes,

you will have to register your SP with ProtectNetwork,

you will have to associate an End User Account with your SP, and

you may have to edit your attribute-map.xml and attribute-policy.xml files to use some of the additional attributes in your web application.